Definition

content spoofing

Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate. The intent is, typically, to defraud victims (as in phishing) although sometimes the purpose is simply to misrepresent an organization or an individual. Content spoofing often exploits an established trust relationship between a computer user and an organization.

The attacker typically leads an Internet user to spoofed content through e-mail, bulletin-board postings and chat-room transmissions. In some cases, an attacker may modify information and links in an established Web site by accessing and altering content on the server. The latter type of content spoofing is more difficult to detect because there is no readily apparent difference to the casual observer.

The most dangerous content spoofing is done with DHTML (dynamic HTML) content sources such as forms and log-in applications. When a Web page with spoofed content is viewed by an Internet user, the location bar displays what appears to be a legitimate URL. However, the attacker has generated or altered by the page. As a result, when the user enters sensitive data (such as a credit card number, password, bank account number, birth date, or Social Security number), the attacker can obtain the data for identity theft or some other fraudulent purpose.

This was last updated in September 2006

Continue Reading About content spoofing

The Web Application Security Consortium describes content spoofing and provides an example of how it is done.

Secunia identifies a content spoofing vulnerability in Windows, and provides links to appropriate patches.

Dig Deeper on Internet Application Security

All
News
Get Started
Evaluate
Manage
Problem Solve

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

File Extensions and File Formats

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S

T
U
V
W
X
Y
Z
#

Powered by:

SearchMicroservices

API workflow design patterns for microservices scenarios

When it comes to workflow systems for microservices, there's no one-size-fits-all approach. Learn about the API workflow pattern ...
How to design APIs for hybrid cloud architecture

Hybrid cloud is complex, particularly because it's the application -- not the server -- that manages API flows. Review some ...
A serverless architecture tutorial for development teams

Still emerging serverless technology offers some big advantages for development teams. This serverless architecture tutorial can ...

TheServerSide.com

How to install the JDK on Windows and set up JAVA_HOME

You have options when it comes to JDK installations on Windows and Linux. Here are some helpful tips to ensure a proper install ...
Follow these best practices on how to write clean code in Java

Follow these three best practices to write clean Java code and help make your application development simple and painless for all...
What's the future of WebSphere Portal as HCL acquires IBM products?

WebSphere users can breathe easy after its acquisition by HCL was finalized in July 2019. The platform will receive heavy ...

SearchCloudApplications

What Oracle delivered at OOW 2015

Learn how Oracle was pushing its cloud technologies, but OOW 2015 keynote speakers largely talked about cloud strategies.
Five key terms in enterprise cloud applications you need to know

Are you stumped by enterprise cloud applications or related technology? Check out this breakdown of five important terms to help ...
Survey: Developer-programmer pay, job satisfaction below IT average

In TechTarget's 2013 IT Salary and Careers Survey, developer-programmer respondents reported lower pay and less job satisfaction ...

SearchAWS

AWS Lambda alternatives for flexible cloud workloads

Experts share points of comparison for Lambda vs. the competition, and what other options AWS has for elastic computing without ...
Globe and Mail's AWS migration drives digital engagement

Canadian news outlet The Globe and Mail has broadly adopted AWS cloud services in a bid to increase reader engagement and digital...
What you need to know about Cloudera vs. AWS for big data

Enterprises in need of a big data platform must run some analytics of their own to choose a vendor. AWS' integration between ...

SearchBusinessAnalytics

The Salesforce acquisition of Tableau complements Einstein Analytics

Given the different strengths of Salesforce's Einstein Analytics platform and Tableau, the BI tools could prove complementary now...
Domo management expansion signals strategic shift

Five months after it stated it would be pursuing strategic partnerships, Domo appears to be making a move toward implementing ...
Reveal moves Infragistics BI platform into embedded analytics

With the release of Reveal, an embedded business intelligence platform, longtime software vendor Infragistics is expanding its ...

SearchHRSoftware

HR must contend with enterprise social network challenges

Enterprise social networks like Slack and Yammer are gaining steam as alternatives to traditional email, but they can raise some ...
Workplace environment and productivity link grows, so should HR's role

HR is urged to play a role in facilities management as research underscores the link between workplace conditions such as air ...
Google age discrimination lawsuit may force HR changes

Discrimination lawsuits can seek broad changes to HR operations, as was the case for Google. That settlement could be a template ...

SearchHealthIT

Intraprise Health platform strengthens healthcare security

Intraprise Health introduced new software designed to prevent healthcare security breaches by monitoring third-party risks across...
MyHealthDirect deal is a push for a seamless patient experience

Experian's acquisition of MyHealthDirect is a step toward a better patient experience by providing real-time scheduling services ...
Before partnering with tech giants, healthcare CIOs should look within

To partner with tech giants or not to partner with tech giants? Gartner analyst Laura Craft offers advice on how healthcare CIOs ...

DevOpsAgenda

How to bust security silos and secure your operation

DevOps means velocity, though, not at security's expense. Rapid7's Jen Andre thinks automation and orchestration strategies can ...
The first step from Agile to DevOps is a pilot project

Agile to DevOps isn't as perilous as Waterfall to Agile, but it will take measurable goals and an efficient pilot project to ...
Best practices for DevOps compliance and reusability

You know you want to scale with a model-driven process. So how do you make it work? Start with these best practices for ...

Close